Posted on by SYSMGR

03-Oct-2012

Nothing much to worry about
I closed the firewall for a number of Chinese networks (completely. They won’t notice by this blog when they use these addresses 🙂 because ALL access is denied) because of high volume FTP abuse attempts) and that also limited the number of relay attempts dramatically:
PMAS statistics for September
Total messages    :  10226 = 100.0 o/o
DNS Blacklisted   :   3184 =  31.1 o/o (Files: 30)
Relay attempts    :     10 =    .0 o/o (Files: 30)
Accepted by PMAS  :   7032 =  68.7 o/o (Files: 30)
 Handled by explicit rule
        Rejected :   6527 =  92.8 o/o (processed),  63.8 o/o (all)
        Accepted :    195 =   2.7 o/o (processed),   1.9 o/o (all)
 Handled by content
       Discarded :     91 =   1.2 o/o (processed),    .8 o/o (all)
    Quarantained :    188 =   2.6 o/o (processed),   1.8 o/o (all)
       Delivered :     31 =    .4 o/o (processed),    .3 o/o (all)

Explicit rules seem to work fine…
Apart from the number of relay attempts (due to blocking notoriously bad behaving FTP users): the number of abusive web accesses have been limited as well, but I didn’t get into the details yet. But the impression is that Chinese abuse is now tackled – for now.
Work at hand
On this subject, I’m almost finished with scanning all relevant logfiles so I can correlate any type of access and the result. There is a slight problem, though. Both PMAS and HP’s TCPIP do not always contain the sender accesses in their messages so there is still some investigation needed. But with the amount of data that is now available, it should be possible tp come up with a scheme to relate the router data with what happens in the VMS box 🙂
On the front page – and all behind – work on the Gazette is ongoing. Taking my current home page as a guinea pig, it wont be much longer before I can make the transition.
A major overhaul of the whole site is eminent -you will be informed.
(What is most annoying on CSWB – the (Alpha) VMS version on Mozilla (based on SeaMonkey) – is that it will taken up to 100% CPU for a few minutes at times, for a minute or two. Without warning, without apparent reason. And though it will prompt for a newer version – which doesn’t exist for Alpha – there is not much to be done against it….)

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.